[Forgot Password]
Login  Register Subscribe

25354

 
 

132804

 
 

134339

 
 

909

 
 

108885

 
 

152

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-92889-5

Platform: ubuntu19.04Date: (C)2019-11-07   (M)2019-11-07



Verify Permissions on /etc/shadow The /etc/shadow file is used to store the information about user accounts that is critical to the security of those accounts, such as the hashed password and other security information.


Parameter:


Technical Mechanism: If attackers can gain read access to the /etc/shadow file, they can easily run a password cracking program against the hashed password to break it. Other security information that is stored in the /etc/shadow file (such as expiration) could also be useful to subvert the user accounts. Fix: If the permissions of the /etc/shadow file are incorrect, run the following commands to correct them: # /bin/chmod o-rwx,g-rw /etc/shadow

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:55102


OVAL    1
oval:org.secpod.oval:def:55102
XCCDF    2
xccdf_org.secpod_benchmark_general_Ubuntu_19_04
xccdf_org.secpod_benchmark_SecPod_Ubuntu_19.04

© SecPod Technologies